Invalidating Users (temporarily)
John F Haugh II
jfh at rpp386.cactus.org
Mon Jun 24 23:38:19 AEST 1991
In article <1991Jun21.163259.6777 at unlinfo.unl.edu> james at engrss2.unl.edu (James Nau) writes:
>Does anyone know of a way to invalidate a user so that a message is
>displayed, and the user is logged off, and ftp access is disabled?
>I've tried replacing the shell with a program that prints out a
>message. Worked great. But that still allowed FTP access to the account.
There is a file, /etc/shells, which lists the shells which a user may
have and be granted FTP access. The /etc/shells file was replaced by
the "shells" attribute in /etc/security/login.cfg and I suspect the
people in TCP/IP didn't get the message.
>The only alternative that I can see is to either a) change the password
>on the account, or b) mark that password in /etc/passwd to be a "*".
>Both of these will disable the account, but won't allow a message to be
>printed.
Create the file /etc/shells and add the names of the valid login shells
on separate lines. Your program shouldn't be listed, nor should the UUCP
and other "special" commands.
--
John F. Haugh II | Distribution to | UUCP: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 255-8251 | GEnie PROHIBITED :-) | Domain: jfh at rpp386.cactus.org
"UNIX signals are not interrupts. Worse, SIGCHLD/SIGCLD is not even a UNIX
signal, it's an abomination." -- Doug Gwyn
More information about the Comp.unix.aix
mailing list